Discover and read the best of Twitter Threads about #FFLONK
Most recents (1)
1/5🚨
@Beosin_com discovered a vulnerability in #Circom verification library (CVE-2023-33252) and warns #ZK projects about the associated risks. Circom is a Rust-based compiler for zero-knowledge proof circuits, developed alongside the #SnarkJS library.
@identhree
@Beosin_com discovered a vulnerability in #Circom verification library (CVE-2023-33252) and warns #ZK projects about the associated risks. Circom is a Rust-based compiler for zero-knowledge proof circuits, developed alongside the #SnarkJS library.
@identhree
2/5
#SnarkJS enables proof systems implementation, including trusted setups, proof generation, and verification. It supports algorithms like #Groth16, #PLONK, and #FFLONK. @Beosin_com found a severe vulnerability in #SnarkJS versions up to 0.6.11.
#SnarkJS enables proof systems implementation, including trusted setups, proof generation, and verification. It supports algorithms like #Groth16, #PLONK, and #FFLONK. @Beosin_com found a severe vulnerability in #SnarkJS versions up to 0.6.11.
3/5
The vulnerability allowed attackers to forge multiple proofs that passed verification, enabling double-spending attacks. @Beosin_com promptly reported it, assisted in fixing the issue, and the vulnerability has now been patched. Upgrade to #SnarkJS 0.7.0 for security.
The vulnerability allowed attackers to forge multiple proofs that passed verification, enabling double-spending attacks. @Beosin_com promptly reported it, assisted in fixing the issue, and the vulnerability has now been patched. Upgrade to #SnarkJS 0.7.0 for security.
